In addition to serving as a distributed testbed for Active Networks
research, the Columbia ABone nodes are being used to develop and
demonstrate technologies developed at the DCC laboratory. The two
technologies demonstrated are
NESTOR,
an architecture for automating network configuration management,
and VAN,
a technology for creating Virtual Active Networks.

3.1 Requirements

Accept execution of an untrusted application: NESTOR clients must have
permission to open a server socket to receive asynchronous notification of
events from the repository. Unfortunately, Web Start has a limited security
policy mechanism in which applications may only create server sockets if
they are given ALL permissions (including file read/write,
etc). It is therefore required that users execute the browser with full
privileges (this issue will be addressed in future releases).

3.2 Starting the Java NESTOR Browser

3.3 Screenshot

A screen-shot of the browser is shown below. Note that the browser will be
executing with guest privileges which means that the repository configuration
may not be modified.

3.4 Brief Usage Instructions

The tree panel, on the left, lists the classes of objects that are
available in the NESTOR ABone repository. Each class may be expanded
to list all its instances.

Selecting a class node in the tree opens a class introspection panel
on the right, listing the attributes, relations and inheritance of this
class.

Selecting an object node in the tree opens an object instance panel
on the right, listing the values of the object's attributes and relations.
Objects listed in a relation may be navigated-to by clicking the
Go button.

The Topology menu can be used to visualize the topology of
the network.

3.5 Troubleshooting

Q: When clicking on the start link the browser offers to save the target
as a file (with extension JNLP).

A: Once the browser starts it must contact the repository, download
the repository proxy and perform some class initializations. This
process may take up to a minute on a slow machine. If the problem
persists, then it is likely that a firewall and/or DNS issue is
involved. The current prototype cannot be executed behind a firewall
(the next major release will include an alternate RMI communications
stack that will support callback over an existing TCP connection).

4. Additional Services

DARPA Active Networks researchers may request a development kit that will
enable them to instrument their applications in the NESTOR repository.
Developers will receive repository accounts allowing them to create and
maintain objects. Please send e-mail to akonstan@cs.columbia.edu for more information.

5. About NESTOR

NESTOR is an architecture
for automating network configuration management. Configuration in NESTOR
is expressed in a unified object-relationship model. Instances of the
model are stored in distributed repositories supporting transactional
access. Changes to the model are only committed if the satisfy a set
of declarative constraints expressed in a constraint language. Additionally,
changes in part of the model may be propagated (as in spreadsheets) through
the use of acyclic propagation rules. The model is mapped to the real
world through a set of adapters. More information on NESTOR can
be obtained in the project's
web-site.

A prototype of NESTOR has been built and includes an object repository,
a standard API for remote client access, a graphical browser for
navigating repository objects and visualizing topology, and adapters
for various systems including Linux hosts, SNMP MIB-2 devices,
CISCO switches, CISCO routers,
Virtual Active Networks (VANs) and the Active Network Daemon (AnetD).